Tcpdump
by Red Hat
Source repositories
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-13688 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). | ||
| CVE-2017-13053 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). | ||
| CVE-2017-13050 | Cri | 0.64 | 9.8 | 0.05 | Sep 14, 2017 | The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print(). | ||
| CVE-2017-13044 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print(). | ||
| CVE-2017-13036 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3(). | ||
| CVE-2017-13020 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). | ||
| CVE-2017-13017 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print(). | ||
| CVE-2017-13016 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). | ||
| CVE-2017-13015 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print(). | ||
| CVE-2017-13010 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart(). | ||
| CVE-2017-12999 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print(). | ||
| CVE-2017-12996 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). | ||
| CVE-2017-12995 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print(). | ||
| CVE-2017-12990 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. | ||
| CVE-2017-12898 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). | ||
| CVE-2017-12896 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). | ||
| CVE-2017-11542 | Cri | 0.64 | 9.8 | 0.04 | Jul 23, 2017 | tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. | ||
| CVE-2017-11541 | Cri | 0.64 | 9.8 | 0.04 | Jul 23, 2017 | tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. | ||
| CVE-2014-8768 | 0.05 | — | 0.20 | Nov 20, 2014 | Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. | |||
| CVE-2014-9140 | 0.00 | — | 0.06 | Dec 5, 2014 | Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. |
- risk 0.64cvss 9.8epss 0.03
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
- risk 0.64cvss 9.8epss 0.03
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
- risk 0.64cvss 9.8epss 0.05
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
- risk 0.64cvss 9.8epss 0.03
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
- risk 0.64cvss 9.8epss 0.03
The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
- risk 0.64cvss 9.8epss 0.03
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
- risk 0.64cvss 9.8epss 0.02
The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
- risk 0.64cvss 9.8epss 0.03
The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
- risk 0.64cvss 9.8epss 0.02
The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().
- risk 0.64cvss 9.8epss 0.03
The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
- risk 0.64cvss 9.8epss 0.03
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
- risk 0.64cvss 9.8epss 0.02
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
- risk 0.64cvss 9.8epss 0.02
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
- risk 0.64cvss 9.8epss 0.03
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.
- risk 0.64cvss 9.8epss 0.03
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
- risk 0.64cvss 9.8epss 0.03
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
- risk 0.64cvss 9.8epss 0.04
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
- risk 0.64cvss 9.8epss 0.04
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
- CVE-2014-8768Nov 20, 2014risk 0.05cvss —epss 0.20
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
- CVE-2014-9140Dec 5, 2014risk 0.00cvss —epss 0.06
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.
Page 1 of 2